[Pkg-openldap-devel] Bug#474021: Bug#474021: Bug#474021: ldap-utils: ldapsearch should send errors to stderr
Chris Adams
chris at improbable.org
Thu Apr 3 21:16:33 UTC 2008
On Apr 3, 2008, at 3:31 PM, Quanah Gibson-Mount wrote:
>> In the example I included, the server timeout error was sent to
>> stderr if
>> the server was down (e.g. connect() gets an RST) but not in the
>> case of a
>> timeout (the LDIF comment is all you get).
>
> In this case, do you mean a timeout at the *protocol* level, where
> the search hits a timelimit set on the server side?
Yes - if the timeout is at the network level it will simply hang until
killed unless you have tcp keepalives enabled.
Here's the offending code:
if( !ldif ) {
printf( "result: %d %s\n", err, ldap_err2string(err) );
} else if ( err != LDAP_SUCCESS ) {
fprintf( stderr, "%s (%d)\n", ldap_err2string(err), err );
}
Basically, I'd like to change ldapsearch.c so errors are always
reported to stderr rather than only when -L is also specified. It
looks like most of the other error cases do this, although I did
notice that some of the LDAP_SYNC stuff sends errors to stdout, too.
if ( err != LDAP_SUCCESS ) {
fprintf( stderr, "Search failed: %s (%d)\n", ldap_err2string(err),
err );
}
if( !ldif ) {
printf( "result: %d %s\n", err, ldap_err2string(err) );
}
I've attached a patch which also changes the two other places where
printf was used to report abnormal conditions to use frpintf(stderr
instead of printf.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldapsearch-stderr.diff
Type: application/octet-stream
Size: 1206 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20080403/6c667816/attachment.obj
-------------- next part --------------
> Do you use nscd?
Yes but I've reproduced the problems with and without it. Basically
either way it works reasonably well (fails in at a low multiple of the
specified timelimit) if you have a clean failure but hangs
indefinitely if you have something like a LDAP server which accepts
connections but doesn't respond which is the failure mode we've
observed in all three of our major slapd outages (#303057, #378261).
Thanks,
Chris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2423 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20080403/6c667816/attachment.bin
More information about the Pkg-openldap-devel
mailing list